<?php

/*
 * File  : aksi_users.php
 * Table : users
 */
session_start();
//cek session

if ((!$_SESSION["USRID"] AND !$_SESSION["USRPASS"]) OR $_SESSION["USRLEVEL"] != "admin") {
    header("location: ../index.php");
    exit();
}
//end
?>

<?php

include "../../../library/fungsi.lib.php";

$module = $_GET["module"];
$opr = $_GET["opr"];

// Hapus users
if ($module == 'users' AND $opr == 'hapus') {
    $user_id = ($_GET["id"]);
    mysql_query("DELETE FROM users WHERE user_id='$user_id'");
    header('location:' . URLHOST . 'cms/hansip.php?module=' . $module);

// Input users
} elseif ($module == 'users' AND $opr == 'input') {
    $user_id = ($_POST["in_user_id"]);
    $user_pass = md5($_POST["in_user_pass"]);
    $user_name = ($_POST["in_user_name"]);
    $user_mail = ($_POST["in_user_mail"]);
    $user_telp = $_POST["in_user_telp"];
    $user_level = $_POST["in_user_level"];

    $sql = "INSERT INTO users(user_id, user_pass, user_name, user_mail, user_telp, user_level)
            VALUES('$user_id', '$user_pass', '$user_name', '$user_mail', '$user_telp', '$user_level')";
    //echo $sql;
    mysql_query($sql);
    header('location:' . URLHOST . 'cms/hansip.php?module=' . $module);

// Update produk
} elseif ($module == 'users' AND $opr == 'update') {
    $user_id = $_POST["id"];
    $user_pass = md5($_POST["in_user_pass"]);
    $user_name = ($_POST["in_user_name"]);
    $user_mail = ($_POST["in_user_mail"]);
    $user_telp = $_POST["in_user_telp"];
    $user_level = $_POST["in_user_level"];

    if (strlen($_POST["in_user_pass"]) > 0) {
        $sql = "UPDATE userss SET 
                    user_pass='$user_pass',
                    user_name='$user_name',
                    user_mail='$user_mail',
                    user_telp='$user_telp',
                    user_level='$user_level'
                WHERE user_id='$user_id'";
    } else {
        $sql = "UPDATE userss SET 
                    user_name='$user_name',
                    user_mail='$user_mail',
                    user_telp='$user_telp',
                    user_level='$user_level'
                WHERE user_id='$user_id'";
    }
    //echo $sql;
    mysql_query($sql);
    header('location:' . URLHOST . 'cms/hansip.php?module=' . $module);
}
?>
